CVE-2026-35547

Name of the Vulnerable Software and Affected Versions FreeBSD (affected versions not specified)

Description When processing the header of an incoming message, libnv fails to properly validate the message size. This lack of validation allows a malicious program to write outside the bounds of a heap allocation, which is a heap buffer overflow (a condition where data exceeds the allocated memory buffer on the heap). This can trigger a crash or system panic, and may allow an unprivileged user to elevate their privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.